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DETAILED ACTION 

1. Claims 1-22 have been examined. 

Specification 

2. The lengthy specification has not been checked to the extent necessary to 
determine the presence of all possible minor errors. Applicants cooperation is 
requested in correcting any errors of which applicant may become aware in the 
specification. 

3. The applicant is requested to review the specification and update the status of all 
co-pending applications made mention of, replacing attorney docket numbers with 
current U.S. application or patent numbers when appropriate. References to U.S. 
applications or patents should make it clear as to what the number refers (e.g. U.S. 
Patent No. #), instead of listing only the number. 

Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

5. Claims 1, 3-6, 9-10, 12, and 20 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Lee et al U.S. Patent No. 6,018,717. 

6. Regarding Claims 1 and 20: A secure module and a first storage device (Fig 
2.64 Col 5 line 64 - Col 6 line 15) As shown the security card within the terminal is a 
secure module that contains storage. 
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Second storage device (Fig 1.16) 
Third storage device (Fig 1.20) 

Processor (Fig 2, Col 5 line 64 - Col 6 line 15) The card contains a processor for 
authenticating transactions. 

Authenticate second storage device by secure module (Fig 3-7, Col 5 line 64 - Col 6 line 
15) As shown within the figures and the stated lines the second storage device is 
authenticated with the consumer card as it is an inclusive part therein. 
Request a counter value from second storage device (Fig 5-7, Col 5 line 64 - Col 6 line 
22, Col 16 lines 35-57) The access device requests a counter value (i.e. currency/token 
amount) from the card and this sent back to the access device for final authorization. 
Writing secure state information and counter value to third storage device (Col 16 lines 
35-57) When finally authenticated and as noted the debit command must change the 
value that is stored within the memory of the third storage device of the card, thereby 
writing the information about the transaction back to the third storage. 
Cryptographic transform (Fig 1.24, Col 16 lines 35-57) 

7. Regarding Claim 3: First storage is a ROM (Fig 2.64, Fig 1.18, Col 4 line 65 - 
Col 5 line 10, Col 5 lines 64-67) As exemplified by the card of figure 1 the first storage 
is contained on a security card that operates in the same manner by using the provided 
operating system located on the ROM to perform its functions. 

8. Regarding Claim 4: Second and third storage devices are external, read-write 
memory devices (Fig 1.16.20, Col 4 line 65 -Col 5 Iine10) 
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9. Regarding Claim 5: First and second memory devices are tamper resistant 
memory (Fig1, Fig 2, Col 5 line 64 -Col 6 line 15) As taught the first memory is 
contained within a secured card, and additionally the second is contained within an 
electronic card similar to the first. 

10. Regarding Claim 6: Second and third storage are removable electronic card (Fig 
1 Col 4 line 65 - Col 5 Iine10) 

11. Regarding Claim 9: Third memory is an insecure storage device (Fig 1.20) 

12. Claims 14-18 are a method implementation of claims 1, 3-6, 9 and as such are 
rejected on the same basis. 

Claim Rejections - 35 USC § 103 

13. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

14. Claims 1-22 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Harris et al U.S. Patent No. 6,331 ,972, and further in view of Lee et al U.S. Patent No. 
6,018,717. 

1 5. Lee et al teaches the use of a smartcard with another electronic device for the 
purpose of storage and authentication but fails to teach the involved electronic device 
as a personal communication device. 

16. Harris et al teaches the use of a personal communication device and 
authorization of usage of such a device. 
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17. It is desirable within any system to have authentication capabilities, but when 
those services are slow it can be cumbersome (Harris Col 1 lines 34-50, Col 2 lines 5- 
11). Therefore, any means that can provide better efficiency in this process is always 
an added advantage. Furthermore within a portable device storage is always at a 
premium so the ability to provide additional storage is a desirable attribute (Lee Col 1 
lines 12-20, 53-67). 

1 8. It would have been obvious to one of ordinary skill in the art at the time of the 
applicant's invention to combine the system of Harris et al with that of Lee et al for the 
advantages of added portable storage and increased efficiency in authenticating as 
could be provided by implementing the smart card system of Lee et al into the portable 
device of Harris et al. 

19. Regarding Claims 1 and 20: A secure module and a first storage device (Lee Fig 
2.60,40 2.68, 2.66, 1.18, Col 6 lines 15-17, Harris Fig 26) Within the combination of 
these two systems some of the systems of Lee are incorporated into the personal 
communication device of Harris et al. as is necessary for the functionality of the 
combination. In this case the secure module is connotated by the access device and 
terminal. This terminal by its nature is a secure module as in order to be able to 
authenticate any system it must be secure and authentic itself. 

Second storage device (Lee Fig 1.16) As shown the card contains storage 
Third storage device (Lee Fig 1.20) As shown the card contains storage 
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Processor (Harris Fig 26, Lee Fig 1, 2, 3) The system of the combination contains 

Processors in both the personal communication device (PCD) and in the smartcard that 

are in communication with the various storage devices of the system. 

Authenticate second storage device by secure module (Lee Fig 3, Col 7 lines 24-42, 55- 

62, Col 8 lines 33-44, Harris Fig 6) As stated the card, which the storage devices are a 

part, is authenticated via the terminal (secure module) which is the PCD. 

Request a counter value from second storage device (Col 8 lines 33-44, Col 9 lines 52- 

64) Lee demonstrates that all of the information necessary is read from the card during 

the authentication process. As it can be seen the counter value information is 

necessary information for being able to know if the card is authenticate and still contains 

a valid state for authentication. 

Writing secure state information and counter value to third storage device (Col 9 lines 
52-64) Lee et al teaches incrementing a counter value within the memory of the card 
upon completion of authentication. 

20. Regarding Claim 3: First storage device is a ROM (Harris Fig 26, Col 8 lines 35- 
45, 50-55, Lee Fig 2.68) It is well known within the art that the devices made of mention 
contain memory such as. ROM 

21 . Regarding Claim 4: Second and third storage devices are external read-write 
memory devices (Lee Fig 1 .16,20) It is clearly seen that the card is external to the PCD 
and the stated memories are of a type that is read-write that being RAM and Non- 
volatile. 
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22. Regarding Claim 5: First and second storage devices are tamper-resistant 
(Harris Fig 6, Lee Col 3 lines 50-55, 60-67, Fig 3-5) The first and second storage 
devices are resistant to any efforts of tampering since the user must be authenticated in 
order to access the information just the same as the terminal must have been 
authenticated before it is capable of accessing the cards information. Additionally, 
these devices are contained in a physical manner such as in the case of the terminal 
that prevents direct outside connection to these devices without disassembling the card 
or the PCD. 

23. Regarding Claim 6: Second and Third storage devices are within a removable 
electronic card that is received by the personal communication device (Lee Fig 1.16, 
1.20, Fig 3) The second and third storage as stated above are contained within the 
card and furthermore as denoted by the figure are received by the terminal (PCD). 

24. Regarding Claims 7 and 8: Communication between the processor, secure 
module, second, and third storage devices comprises a plurality of protocols using an 
OS of the PCD (Lee Figs 3-9, Harris Figs 6, 1 0-38) As defined by The American 
Heritage dictionary a protocol is a standard for regulating data transmission between 
computers. Within the system of Lee and Harris there is a standard language that is 
understood for the communication of the two devices to transpire. This standard as is 
necessitated by the functions of the device provides for protocols that are designated as 
a create protocol for the generation of information, read for the instances of reading 
such information out of memory for authentication, and updating information such as 
currency values within the system. 
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25. Regarding Claim 9: Third storage device is an insecure memory (Lee Fig 1.20, 
Col 1 lines 57-65) The non-volatile memory of the third storage device is considered 
insecure as such memory as EEPROM tends to degrade over its lifetime and has a 
tendency to lose data. 

26. Regarding Claim 10:. secured counter value is from the second storage device 
and encrypted using a cryptographic transform (Lee Figs 5-6, Col 6 lines 4-12, Col 10 
lines 41-53, Col 11 lines 1-10, Table 1, lines 41-59, Col 12 lines 29-35, 39-45) 
Communications between the card and system are encrypted as shown, thus providing 
for any of the information contained within a message sent to the other party to be 
encrypted using a cryptographic transform. 

27. Regarding Claim 1 1 : Personal communication device is a cellular telephone, 
satellite phone, PDA, or Bluetooth device (Harris Fig 3, Col 4 lines 23-29, Col 8 lines 35- 
45,51-55, Col 14 lines 15-21) 

28. Regarding Claim 21 : Receiving a compliance certificate and public key from 
second storage (Lee Figs 5-6, Col 6 lines 4-12, Col 10 lines 41-53, Col 11 lines 1-10, 
Table 1, lines 41-59, Col 12 lines 29-35, 39-45) 

Verifying the authenticity of certificate (Fig 6) As shown above the system provides for 
authentication via public key certificate authentication, which involves the authentication 
of a certificate and receiving a key in addition. 

29. Regarding Claim 22: Receiving a success or failure indication from third storage 
device (Fig 5-6, Col 1 lines 40-67, Col 5 lines 35-42, Col 12 lines 50-61) Within the 
system the writing and changing of information into storage must be verified as within 
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any such device within the art. Without verification of such an event the system would 
not be able to function in the required manner since writing an update for instance back 
to the card must occur when a debit is performed if the user removes the card before 
verification then they could essentially fool the card every time and never experience a 
reduction in the amount on the card. As it can be seen from this example and those 
parts cited the system provides for a verification of success or failure. 

30. Claims 12, 14-19 are a method implementation of claims 1,3-11 and as such are 
rejected on the same basis. 

31. Claims 2 and 13 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Harris et al U.S. Patent No. 6,331,972, and Lee et al U.S. Patent No. 6,018,717, as in 
claim 1 above and further in view of Kamel U.S. Patent No. 6,009,150. 

32. Harris et al and Lee et al teach a system as in claim 1 that uses a PIN (Lee Col 1 
lines 53-67), but does not explicitly state tracking the number of attempts to correctly 
enter the PIN. 

33. A high level of security is an advantageous feature within any computer system. 
Furthermore, the detection and aversion of an attempt to access the system by an 
unauthorized user is even further desirable. (Lee Col 1 lines 53-67, Kamel Col 5 lines 
5-20) 

34. Kamel teaches the implementation of a counter for the determination of the 
number of attempts to enter a PIN. Kamel teaches that this is an advantageous feature 
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so that a malicious user cannot use a brute force method of repeated guessing to obtain 
entry into the system. (Figs 2A-C, Col 4 lines 45-67, Col 5 lines 1-15) 

35. It would have been obvious to one of ordinary skill in the art at the time of the 
applicant's invention to combine the system of Harris et al and Lee et al in claim 1 
above with that of Kamel for the added advantages of improved security as stated 
above. 

Conclusion 

36. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. Applicant is reminded that in amending in response to a rejection 
of claims, the patentable novelty must be clearly shown in view of the state of art 
disclosed by the references cited and the objections made. Applicant must show how 
the amendments avoid such references and objections. See 37 CFR 1.111 (c). 

37. Inquiries concerning this communication or earlier communications from the 
examiner should be directed to Thomas M. Szymanski who can be reached at (571) 
272-8574. The examiner's normal working schedule is between the hours 8:00am - 
4:30pm (EST), Monday - Friday. 

38. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory Morse, can be reached at (571) 272-3838. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

39. Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
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published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). A 




